Tutorial

slack  Please join us on Slack if you have any question(s) or suggestion(s)

 

Real-time trace route

local> trace 8.8.8.8 -r
Press [q] to quit, [r] to reset statistics, [1,2] to change display mode

Host                                                     ASN    Holder                Loss%          Sent           Last   Avg    Best   Wrst  
[1 ] 192.168.0.1                                                                      0.0            24             1.58   4.86   0.98   436.82
[2 ] 142.254.236.25                                     20001  ROADRUNNER-WEST        0.0            24             14.46  13.61  10.77  19.66 
[3 ] agg59.snmncaby01h.socal.rr.com.                    20001  ROADRUNNER-WEST        0.0            24             13.80  20.72  11.09  59.46 
[4 ] agg20.lamrcadq01r.socal.rr.com.                    20001  ROADRUNNER-WEST        0.0            24             18.32  59.15  12.82  341.08
[5 ] agg28.lsancarc01r.socal.rr.com.                    20001  ROADRUNNER-WEST        0.0            24             22.85  23.53  17.27  28.62 
[6 ] bu-ether16.lsancarc0yw-bcr00.tbone.rr.com.         7843   TWCABLE-BACKBONE       0.0            24             24.84  31.16  15.37  52.98 
[7 ] 216.0.6.25                                         2828   XO-AS15                0.0            24             35.54  26.11  15.00  35.54 
[8 ] 216.0.6.42                                         2828   XO-AS15                0.0            24             18.77  18.07  15.75  39.54 
[9 ] 209.85.245.199                                     15169  GOOGLE                 0.0            24             18.72  19.51  15.19  89.76 
[10] 216.239.62.93                                      15169  GOOGLE                 0.0            24             16.35  17.80  15.93  40.95 
[11] google-public-dns-a.google.com.                    15169  GOOGLE                 4.2            24             17.15  18.12  15.56  32.38 
HTTP Ping

local> hping freebsd.org
HPING freebsd.org (8.8.178.110), Method: HEAD, DNSLookup: 166.7742 ms
HTTP Response seq=0, proto=HTTP/1.1, status=200, time=635.414 ms
HTTP Response seq=1, proto=HTTP/1.1, status=200, time=56.766 ms
HTTP Response seq=2, proto=HTTP/1.1, status=200, time=56.156 ms
HTTP Response seq=3, proto=HTTP/1.1, status=200, time=53.536 ms

--- freebsd.org HTTP ping statistics --- 
4 requests transmitted, 4 replies received, 0% timeout
HTTP Round-trip min/avg/max = 53.54/127.33/635.41 ms
HTTP Code [200] responses : [████████████████████] 100.00% 
local> hping help

    usage:
          hping [-c count][-t timeout][-m method][-d data] url

    options:		  
          -c count       Send 'count' requests (default: 4)
          -t timeout     Specifies a time limit for requests in second (default is 2) 
	  -m method      HTTP methods: GET/POST/HEAD (default: HEAD)
          -d data        Sending the given data (text/json) (default: "mylg")
 BGP Looking Glass

lg/telia/los angeles> bgp 8.8.8.0/24
Telia Carrier Looking Glass - show route protocol bgp 8.8.8.0/24 table inet.0

Router: Los Angeles

Command: show route protocol bgp 8.8.8.0/24 table inet.0

inet.0: 661498 destinations, 5564401 routes (657234 active, 509 holddown, 194799 hidden)
+ = Active Route, - = Last Active, * = Both

8.8.8.0/24         *[BGP/170] 33w0d 01:36:06, MED 0, localpref 200
                      AS path: 15169 I, validation-state: unverified
                    > to 62.115.36.170 via ae4.0
                    [BGP/170] 8w3d 11:19:40, MED 0, localpref 200, from 80.91.255.95
                      AS path: 15169 I, validation-state: unverified
                      to 62.115.119.84 via xe-1/1/0.0
                      to 62.115.119.88 via xe-1/2/0.0
                      to 62.115.119.90 via xe-11/0/3.0
                      to 62.115.119.102 via xe-9/0/0.0
                      to 62.115.119.92 via xe-9/0/2.0
                    > to 62.115.119.86 via xe-9/1/2.0
                      to 62.115.119.98 via xe-9/2/2.0
                      to 62.115.119.100 via xe-9/2/3.0
                      to 62.115.119.94 via xe-9/3/1.0
                      to 62.115.119.96 via xe-9/3/3.0
Whois ASN

local> whois 577
BACOM - Bell Canada, CA
+--------------------+-----------+
|      LOCATION      | COVERED % |
+--------------------+-----------+
| Canada - ON        |   61.3703 |
| Canada             |   36.2616 |
| Canada - QC        |    1.3461 |
| United States - MA |    0.7160 |
| Canada - BC        |    0.1766 |
| Canada - AB        |    0.0811 |
| United States      |    0.0195 |
| United States - NJ |    0.0143 |
| Belgium            |    0.0048 |
| United States - NC |    0.0048 |
| United States - TX |    0.0048 |
| Canada - NB        |    0.0000 |
| Canada - NS        |    0.0000 |
+--------------------+-----------+

Scan port
 
local> scan google.com
+----------+------+--------+-------------+
| PROTOCOL | PORT | STATUS | DESCRIPTION |
+----------+------+--------+-------------+
| TCP      |   80 | Open   |    HTTP     |
| TCP      |  443 | Open   |    HTTPS    |
+----------+------+--------+-------------+
Scan done: 2 opened port(s) found in 1.399 seconds
Peering information

local> peering 6327
The data provided from www.peeringdb.com
+-------------------+---------------+---------------+--------------------+------+
|       NAME        |    TRAFFIC    |     TYPE      |      WEB SITE      | NOTE |
+-------------------+---------------+---------------+--------------------+------+
| Shaw Cablesystems | 500-1000 Gbps | Cable/DSL/ISP | http://www.shaw.ca |      |
+-------------------+---------------+---------------+--------------------+------+
+------------------+--------+--------+-----------------+-------------------------+
|       NAME       | STATUS | SPEED  |    IPV4 ADDR    |        IPV6 ADDR        |
+------------------+--------+--------+-----------------+-------------------------+
| Equinix Ashburn  | ok     |  20000 | 206.126.236.20  | 2001:504:0:2::6327:1    |
| Equinix Ashburn  | ok     |  20000 | 206.223.115.20  |                         |
| Equinix Chicago  | ok     |  30000 | 206.223.119.20  | 2001:504:0:4::6327:1    |
| Equinix San Jose | ok     |  30000 | 206.223.116.20  | 2001:504:0:1::6327:1    |
| Equinix Seattle  | ok     |  20000 | 198.32.134.4    | 2001:504:12::4          |
| Equinix New York | ok     |  10000 | 198.32.118.16   | 2001:504:f::10          |
| SIX Seattle      | ok     | 100000 | 206.81.80.54    | 2001:504:16::18b7       |
| NYIIX            | ok     |  20000 | 198.32.160.86   | 2001:504:1::a500:6327:1 |
| TorIX            | ok     |  10000 | 206.108.34.12   |                         |
| PIX Vancouver    | ok     |  10000 | 206.223.127.2   |                         |
| PIX Toronto      | ok     |   1000 | 206.223.127.132 |                         |
| Equinix Toronto  | ok     |  10000 | 198.32.181.50   | 2001:504:d:80::6327:1   |
+------------------+--------+--------+-----------------+-------------------------+
DNS information - more than 200 countries

ns/united states/redwood city> dig yahoo.com
Trying to query server: 204.152.184.76 united states redwood city
;; opcode: QUERY, status: NOERROR, id: 19850
;; flags: qr rd ra;
yahoo.com.	728	IN	MX	1 mta6.am0.yahoodns.net.
yahoo.com.	728	IN	MX	1 mta5.am0.yahoodns.net.
yahoo.com.	728	IN	MX	1 mta7.am0.yahoodns.net.
yahoo.com.	143013	IN	NS	ns4.yahoo.com.
yahoo.com.	143013	IN	NS	ns6.yahoo.com.
yahoo.com.	143013	IN	NS	ns2.yahoo.com.
yahoo.com.	143013	IN	NS	ns5.yahoo.com.
yahoo.com.	143013	IN	NS	ns1.yahoo.com.
yahoo.com.	143013	IN	NS	ns3.yahoo.com.

;; ADDITIONAL SECTION:
ns1.yahoo.com.	561456	IN	A	68.180.131.16
ns2.yahoo.com.	27934	IN	A	68.142.255.16
ns3.yahoo.com.	532599	IN	A	203.84.221.53
ns4.yahoo.com.	532599	IN	A	98.138.11.157
ns5.yahoo.com.	532599	IN	A	119.160.247.124
ns6.yahoo.com.	143291	IN	A	121.101.144.139
ns1.yahoo.com.	51624	IN	AAAA	2001:4998:130::1001
ns2.yahoo.com.	51624	IN	AAAA	2001:4998:140::1002
ns3.yahoo.com.	51624	IN	AAAA	2406:8600:b8:fe03::1003
ns6.yahoo.com.	143291	IN	AAAA	2406:2000:108:4::1006
;; Query time: 1204 ms

;; CHAOS CLASS BIND
version.bind.	0	CH	TXT	"9.10.4-P1"
hostname.bind.	0	CH	TXT	"fred.isc.org"

ns> connect 

afghanistan                        albania                            algeria                            american samoa                     angola                             
anguilla                           antigua and barbuda                argentina                          armenia                            australia                          
austria                            azerbaijan                         bahamas                            bahrain                            bangladesh                         
barbados                           belarus                            belgium                            benin                              bermuda                            
bolivia                            bosnia and herzegovina             botswana                           brazil                             brunei darussalam                  
bulgaria                           cambodia                           cameroon                           canada                             cayman islands                     
chile                              china                              colombia                           costa rica                         croatia                            
curaçao                            cyprus                             czech republic                     denmark                            dominica                           
dominican republic                 ecuador                            egypt                              el salvador                        estonia                            
fiji                               finland                            france                             french guiana                      french polynesia                   
gabon                              gambia                             georgia                            germany                            ghana                              
greece                             greenland                          guam                               guatemala                          guyana                             
haiti                              honduras                           hong kong                          hungary                            iceland                            
india                              indonesia                          iran                               iraq                               ireland                            
isle of man                        israel                             italy                              jamaica                            japan                              
jersey                             jordan                             kazakhstan                         kenya                              kuwait                             
lao people's democratic republic   latvia                             lebanon                            lesotho                            liechtenstein                      
lithuania                          luxembourg                         macao                              macedonia                          madagascar                         
malaysia                           maldives                           malta                              martinique                         mauritius                          
mexico                             moldova                            mongolia                           montenegro                         morocco                            
mozambique                         namibia                            nepal                              netherlands                        new zealand                        
nicaragua                          nigeria                            norway                             pakistan                           palestine                          
panama                             papua new guinea                   paraguay                           peru                               philippines                        
poland                             portugal                           puerto rico                        qatar                              romania                            
russian federation                 saint kitts and nevis              saint lucia                        saint martin                       saint pierre and miquelon          
saint vincent and the grenadines   saudi arabia                       serbia                             singapore                          sint maarten                       
slovakia                           slovenia                           south africa                       south korea                        spain                              
sri lanka                          suriname                           swaziland                          sweden                             switzerland                        
taiwan                             tanzania                           thailand                           trinidad and tobago                tunisia                            
turkey                             uganda                             ukraine                            united arab emirates               united kingdom                     
united states                      uruguay                            venezuela                          viet nam                           virgin islands british             
zambia                             zimbabwe

Whois IP address or prefix
local> whois 8.8.8.8
+------------+-------+--------------------------+
|   PREFIX   |  ASN  |          HOLDER          |
+------------+-------+--------------------------+
| 8.8.8.0/24 | 15169 | GOOGLE - Google Inc., US |
+------------+-------+--------------------------+

local> whois help

    usage:
          whois ASN/CIDR/IPAddress

    Example:
          whois 8.8.8.8
          whois 8.0.0.0/8
          whois 577
Network Lan Discovery
local> disc
Network LAN Discovery
+---------------+-------------------+------+-----------+--------------------------------+
|      IP       |        MAC        | HOST | INTERFACE |       ORGANIZATION NAME        |
+---------------+-------------------+------+-----------+--------------------------------+
| 192.168.0.1   | a4:2b:b0:eb:9a:b4 | NA   | en0       | TP-LINK TECHNOLOGIES CO.,LTD.  |
| 192.168.0.103 | ac:bc:32:b4:33:23 | NA   | en0       | Apple, Inc.                    |
| 192.168.0.105 | 40:b8:9a:60:55:9e | NA   | en0       | Hon Hai Precision Ind.         |
| 224.0.0.251   | 1:0:5e:0:0:fb     | NA   | en0       | NA                             |
+---------------+-------------------+------+-----------+--------------------------------+
local> trace google.com

trace route to google.com (216.58.193.206), 30 hops max
1 192.168.0.1 12.392 ms 0.906 ms 0.806 ms 
2  142.254.236.25 [ASN 20001/ROADRUNNER-WEST] 14.897 ms 16.244 ms 12.054 ms 
3  agg59.snmncaby01h.socal.rr.com. (76.167.31.241) [ASN 20001/ROADRUNNER-WEST] 38.366 ms 14.479 ms 11.637 ms 
4  agg20.lamrcadq01r.socal.rr.com. (72.129.10.128) [ASN 20001/ROADRUNNER-WEST] 14.161 ms 15.828 ms 14.408 ms 
5  agg28.lsancarc01r.socal.rr.com. (72.129.9.0) [ASN 20001/ROADRUNNER-WEST] 31.663 ms 41.640 ms 30.924 ms 
6  bu-ether16.lsancarc0yw-bcr00.tbone.rr.com. (66.109.6.102) [ASN 7843/TWCABLE-BACKBONE] 29.113 ms 19.225 ms 21.933 ms 
7  216.0.6.25 [ASN 2828/XO-AS15] 21.933 ms 16.482 ms 18.227 ms 
8  216.0.6.42 [ASN 2828/XO-AS15] 17.473 ms 15.730 ms 16.407 ms 
9  216.239.51.89 [ASN 15169/GOOGLE] 24.150 ms 18.027 ms 21.367 ms 
10 108.170.233.13 [ASN 15169/GOOGLE] 18.338 ms 16.179 ms 16.190 ms 
11 lax02s23-in-f206.1e100.net. (216.58.193.206) [ASN 15169/GOOGLE] 15.765 ms 22.910 ms 17.387 ms
local> dump -s http -x

22:10:15.770 IPv4/TCP  151.101.44.143:443(https) > 10.0.9.9:50771 [P.], win 59, len: 156
00000000  16 03 03 00 64 02 00 00  60 03 03 a2 32 19 4b 78  |....d...`...2.Kx|
00000010  77 ed 40 75 f6 4c 55 74  43 1d b7 6c f2 59 f8 d8  |w.@u.LUtC..l.Y..|
00000020  09 8a 3e 03 62 56 38 45  d2 bc 02 20 bd 52 8a 42  |..>.bV8E... .R.B|
00000030  5b 01 33 7d 2b 0b 41 da  eb 38 87 79 f1 37 62 5c  |[.3}+.A..8.y.7b\|
00000040  f3 ed 5a 7c 07 6c e9 28  9b fe fa 76 c0 2f 00 00  |..Z|.l.(...v./..|
00000050  18 ff 01 00 01 00 00 05  00 00 00 10 00 0b 00 09  |................|
00000060  08 68 74 74 70 2f 31 2e  31 14 03 03 00 01 01 16  |.http/1.1.......|
00000070  03 03 00 28 fc 20 2d 6f  1a 94 78 53 55 0f 8c 05  |...(. -o..xSU...|
00000080  3e ae 12 34 79 af d2 a9  bd 22 e5 3f b1 2b f5 36  |>..4y....".?.+.6|
00000090  ba 51 31 37 f5 0b e6 d2  40 fb 88 a5              |.Q17....@...    |
local> dump tcp and port 443 -c 10

23:26:56.026 IPv4/TCP  192.168.0.104:64686 > 192.0.80.242:443(https) [F.], win 8192, len: 0
23:26:56.045 IPv4/TCP  192.168.0.104:64695 > i2.wp.com.:443(https) [F.], win 8192, len: 0
23:26:56.048 IPv4/TCP  i2.wp.com.:443(https) > 192.168.0.104:64695 [F.], win 62, len: 0
23:26:56.081 IPv4/TCP  192.168.0.104:63692 > ec2-54-88-144-213.compute-1.amazonaws.com.:443(https) [P.], win 4096, len: 37
23:26:56.082 IPv4/TCP  192.168.0.104:64695 > i2.wp.com.:443(https) [.], win 8192, len: 0
23:26:56.083 IPv4/TCP  192.0.80.242:443(https) > 192.168.0.104:64686 [.], win 64, len: 0
23:26:56.150 IPv4/TCP  ec2-54-88-144-213.compute-1.amazonaws.com.:443(https) > 192.168.0.104:63692 [.], win 166, len: 0
23:26:56.259 IPv4/TCP  ec2-54-172-56-148.compute-1.amazonaws.com.:443(https) > 192.168.0.104:63623 [P.], win 1316, len: 85
23:26:56.260 IPv4/TCP  192.168.0.104:63623 > ec2-54-172-56-148.compute-1.amazonaws.com.:443(https) [.], win 4093, len: 0
23:26:56.820 IPv4/TCP  192.168.0.104:64691 > 192.30.253.116:443(https) [.], win 4096, len: 0
local> dump 

20:29:36.415 IPv4/TCP  ec2-52-73-80-145.compute-1.amazonaws.com.:443(https) > 192.168.0.104:61479 [P.], win 166, len: 33
20:29:36.416 IPv4/TCP  192.168.0.104:61479 > ec2-52-73-80-145.compute-1.amazonaws.com.:443(https) [.], win 4094, len: 0
20:29:36.417 IPv4/TCP  192.168.0.104:61479 > ec2-52-73-80-145.compute-1.amazonaws.com.:443(https) [P.], win 4096, len: 37
20:29:36.977 IPv4/UDP  192.168.0.104:62733 > 192.168.0.1:53(domain) , len: 0
20:29:37.537 IPv4/TCP  ec2-54-86-120-119.compute-1.amazonaws.com.:443(https) > 192.168.0.104:61302 [.], win 124, len: 0
20:29:38.125 IPv4/TCP  192.168.0.104:61304 > ec2-52-23-213-161.compute-1.amazonaws.com.:443(https) [P.], win 4096, len: 85
20:29:38.126 IPv4/TCP  ec2-52-23-213-161.compute-1.amazonaws.com.:443(https) > 192.168.0.104:61304 [.], win 1048, len: 0
20:29:38.760 IPv4/TCP  ec2-54-165-12-100.compute-1.amazonaws.com.:443(https) > 192.168.0.104:61296 [.], win 2085, len: 0
20:29:39.263 IPv4/ICMP 192.168.0.104 > ir1.fp.vip.ne1.yahoo.com.: EchoRequest id 20859, seq 27196, len: 56
20:29:39.265 IPv4/UDP  192.168.0.1:53(domain) > 192.168.0.104:62733 , len: 0
Direct access through shell / scriptable 

sh-3.2# mylg whois 577
BACOM - Bell Canada, CA
+--------------------+-----------+
|      LOCATION      | COVERED % |
+--------------------+-----------+
| Canada             |   75.2404 |
| Canada - ON        |   23.6202 |
| United States - MA |    0.7178 |
| Canada - BC        |    0.1675 |
| Canada - QC        |    0.1196 |
| Canada - AB        |    0.0814 |
| United States      |    0.0196 |
| United States - NJ |    0.0144 |
| United States - NC |    0.0048 |
| United States - TX |    0.0048 |
| United States - IL |    0.0048 |
| Belgium            |    0.0048 |
| Canada - NS        |    0.0000 |
| Canada - NB        |    0.0000 |
+--------------------+-----------+

sh-3.2# mylg dump -c 5
18:32:15.685 IPv4/TCP  ec2-52-90-64-91.compute-1.amazonaws.com.:443(https) > 192.168.0.100:55357 [P.], win 988, len: 97
18:32:15.685 IPv4/TCP  192.168.0.100:55357 > ec2-52-90-64-91.compute-1.amazonaws.com.:443(https) [.], win 4092, len: 0
18:32:15.705 IPv4/UDP  192.168.0.100:53020 > 192.168.0.1:53(domain) , len: 0
18:32:15.706 IPv4/UDP  192.168.0.1:53(domain) > 192.168.0.100:53020 , len: 0
18:32:15.706 IPv4/UDP  192.168.0.100:58134 > 192.168.0.1:53(domain) , len: 0
Set & show configuration

local> set hping timeout 2s
local> show config
set ping     timeout    2s
set ping     interval   1s
set ping     count      3
set hping    timeout    2s
set hping    method     head
set hping    data       mylg
set hping    count      5
set web      port       8080
set web      address    127.0.0.1
set scan     port       1-500